Safety in Automation

Safety technologies are benefiting from the surge of interest in machine safety, even though it is being propelled in large part by external forces, marketplace issues and regulations. But achieving higher levels of safe motion is also a good thing for OEM machinery builders and users because the end result extends beyond human safety, to material assets and reduced probability of machine failures.

This special section takes a look at solutions for safety in automation. The focus on safety is effectively providing an impetus for the adoption of technologies and products that ultimately will be the basis of new generations of safer machines.

Focus on Feedback RedundancySafety-related position measuring systems rely on pure digital, dual feedback
Redundant systems are critical to the goal of functional safety which minimizes and reduces the risks that can occur during normal or impaired operation of machinery. So, a fundamental requirement for axes of motion in safety-oriented applications is redundant position information to perform corresponding safety functions.

“A key requirement for safety is built-in redundancy,” says Tom Wyatt, national sales and product manager for Heidenhain. “To achieve safer machines, it has always been a requirement for feedback suppliers to come up with effective dual feedback systems for redundancy.”

Heidenhain has made a major ongoing commitment to safety-related position measuring systems using its EnDat 2.2 pure serial data interface. Drive encoders have achieved safety approvals with control category SIL-2 (in accordance with IEC 61508 or performance level “d” of ISO 13849). A linear scale product already available with the interface is in the process of gaining safety approvals from the various governing bodies and their goal is to get all products switched over.

“What we have done is taken a rotary encoder, along with a linear scale perspective as well, and built two encoders into one,” says Wyatt. He says, on the rotary encoder side, there are two independent scanning methods and pure serial communications, as well. The requirement on the driver control side is a dual processor system, so when a data packet is sent there are two independent data packets one right after the other on the same line from two independent measuring systems built into the encoder.

“You can imagine with a machine tool, that if something happens with a drive axis, there is always a runaway situation where damage can happen,” says Wyatt. “The combination of sensors and feedback systems prohibits runaway situations and puts the system in safety stop if something is missing. If the two data packets that come back from the encoder suddenly don't match or one is missing, immediately within microseconds the system is shut down.”

In the past two years since the initial approval of this position measuring technology by BGIA in Europe, the equivalent of the Occupational Safety and Health Administration in the U.S., the focus has been on safe machines to meet European machine tool standards. He says the concept is now being looked at for all types of automation applications.

A key area for growth is the robotics industry because of the need for the work envelope for robots to be safe and the ability it provides for manufacturers to save space on the manufacturing floor by placing robots into tighter spots. But there is also interest in packaging for applications such as palletizing, all driven by the spotlight on European machine tool standards and the increased general focus on the need for safety approvals.

Wyatt says the technology has established itself but there are still certain levels to fulfill. The technology already achieved SIL-2 which is probability of failures and Category 3 which pertains to machine tool safety. But the whole idea is to reduce the probability of failure and along with that comes both higher levels of material safety and, of course, human safety.

“We continue to see safety as a rising issue down the road and safety is a big issue with high-end interfaces,” says Wyatt. “The probability of failure is really the only place you can improve and we are currently at 10-8 and 10-7 for SIL-2. The probability of failure is already next to nothing, but the next step is improving on that even though you can only go so far.”

Networking SafetyFlexibility is a key benefit of implementing Safety at Work technology

With safety in the spotlight, advocates for networked safety have hardwired safety system technologies clearly in the crosshairs. They argue that safety relays, auxiliary contacts and redundant cable runs are all part of systems that deliver poor diagnostics, high setup complexity and create time-consuming installations.

But according to Helge Hornis, Ph.D., manager of Intelligent Systems for Pepperl+Fuchs, the key to acceptance of the technology is helping engineers understand how networking safety provides flexibility in terms of expanding the safety system, implementing multiple safety zones and improving diagnostics.

“The basics of flexibility mean that when you need to have another device (safe or non-safe) in your system, you simply run a spur from anywhere on the network in that new direction and put the new device on the network,” says Hornis. He says the networks provide diagnostics that are not only better than what was before, but also completely impossible.

“How do you detect a contact that is intermittent? In the past, you simply didn't. The flexibility the system gives the engineer, in terms of uptime and what they can do with the machine, goes way up,” he says.

Pepperl+Fuchs has developed safe systems using the AS-Interface Safety at Work networking technology for about five years. Hornis says the possibility of expanding the safety system in minutes is just one of the many advantages the technology brings to the plant floor.

Other advantages include a wiring reduction compared to hardwired solutions while maintaining Category 4 safety and detailed diagnostics down to the contact level without a single inch of additional wire. Multiple safety zones, dependent and independent, can be implemented with no additional wiring and systems have the ability to capture nuisance shutdowns due to faulty safety contacts or wiring connections at the safety device level.

Hornis says even though networked safety solutions have been around almost 10 years, some engineers still question if they are legally allowed to use networked safety and if it is actually safe. “There is too little understanding of the basics of network safety and how it can be safe if it doesn't use four wires,” says Hornis.

When Europe moved to allow networked safety under certain very stringent conditions, still forbidden in the U.S. at the time, it was clear machine builders that wanted to sell into Europe would need to be able to address these requirements. But once a machine is designed that utilizes a modern technology, why build one for the U.S. market which is really very primitive and doesn't give users the abilities of a machine sold in Japan or Europe?

“There is a strong trend toward safe systems and we have been selling these products for about five years,” says Hornis. “We're going through a major upgrade cycle now, where what we have learned over the years from customer input and requirements is resulting in new products and technologies.”

One example is remote safety relay technology that will be available by the end of the year. This new capability will allow systems that run on AS Interface, when there is a need to shutdown a motion safety somewhere else and no original plan to do that, to utilize a safety-rated output module (Category 4, SIL-3 and performance level “e”) in the field to expand the network.

The overall impact of safety networking is continuing to expand, as well. At the end of 2007, the total number of safety installations worldwide based on AS Interface alone totaled 50,000. The number of safety modules or safety inputs in the field totaled more than 350,000 units, numbers Hornis thinks makes Safety at Work the number one solution in terms of customer adoption rate.

Safety Switch Technology With SensaguardSafety in Automation: New Products

The new Allen-Bradley SensaGuard family of RFID-coded, non-contact switches from Rockwell Automation includes a high safety rating, flexible design, extended diagnostics and RFID coding, while improving safety and reducing troubleshooting time and machine wiring costs.

The switches are Category 4/SIL 3 rated per EN954-1, TÜV functional safety-approved to IEC61508. Unlike lower rated switches, SensaGuard will shutdown a machine if a failure occurs before there is a demand on the safety device — which improves machine operator safety. They are especially suited for machines where multiple access doors must be monitored up to a Safety Category 4/SIL 3.

Additionally, logical AND connections help facilitate complicated applications in combination with other G9SX series units. Each G9SX-GS unit supports unique auto switching and manual switching functions.

Auto switching ensures safety and productivity in applications with coordinated operations by monitoring a machine or robot, plus the operator, to make certain neither enters the coordinated area at the same time. Manual switching is for applications that require limited machine access for operations such as maintenance and cleaning.

Safe Relays For Process Applications

Phoenix Contact now offers safe relay modules, approved to SIL3/IEC 61508, designed specifically for process applications. Optimized turn-on behavior eliminates high start-up current that a control system might interpret as a short circuit. The safe relays provide two channels of redundant normally open contacts and one normally closed status contact that can switch up to 250V ac/6 A in a 22.5-mm housing.

These compact safety relays are used to electrically isolate field applications from the control system or to adjust the voltage or power. In addition to being used in conjunction with safety-oriented control systems, these relays form an integral part of the safety chain for electrical and electronic applications in process technology and mechanical engineering.

Safe Camera System For 3-D Control and Monitoring

SafetyEYE is a camera system for three-dimensional safety monitoring from Pilz Automation, developed in conjunction with DaimlerChrysler. The system places a customized, three-dimensional protective cocoon around a danger zone with a single system. It is designed to replace a multitude of two-dimensional sensors currently in use today. The system offers functions for control and monitoring and allows detection zones to be configured flexibly and quickly on a PC.

More than just a sensor, SafetyEYE is the basis for a technology that safely detects objects in a three-dimensional zone and alters a robot or a machine's movement to prevent accidents. It is suitable for a wide range of applications from manufacturing operations, to the tire and packaging industries, to high-bay racking systems and automatic car parks. The system can also provide uninterrupted object monitoring and access guarding.

Safe Motion™ Technology With Safety-On-Board

Bosch Rexroth's IndraDrive with Safety-On-Board features Safe Motion™ technology integrated directly in the drive, including the latest international standards for safe stopping and safe motion.

These capabilities are available on a common platform that functions as a servo drive or frequency converter. The system has reaction times up to 400 times faster than conventional solutions that use contactors to produce a safe stop.

Because the Safety-On-Board technology is integrated directly into the drive, motion controllers, regardless of manufacturer, are able to leverage the technology. The drive has enough I/O for the safeguarding logic needed to interface to safety gates, panel switches and interlock switches. The machine builder only needs to learn one safety solution for an application and the machine is pre-certified, so the OEM doesn't have to worry about the safety certification process.

Powerlink Safety

The ACOPOS drive system from B&R Automation uses POWERLINK Safety to enable functions such as safe limited speed directly over the network. Wiring these safety-related signals to the drive is eliminated and the information is collected from its source via safe digital inputs and outputs. It is distributed to corresponding sensors, actuators or drive via the SafeLOGIC central processing unit.

Safety in the drive system comprises the following functions according to Category 3, EN 954-1: uncontrolled and controlled stops, safe stop and safe operation halt, safe limited step measurement and safe limited absolute position, safe limited speed and safe rotational direction. Functions like safe restart inhibit or safe output for the motor holding brake are integral parts of the system.

Safety Relay For Motion In Hazardous Areas

The new Allen-Bradley MSR (Minotaur™ Safety Relay) 57 speed monitoring safety relay from Rockwell Automation is designed to allow personnel to enter hazardous areas while motion is present. The MSR57 will be available later this year.

The device supports numerous input devices such as E-stops and light curtains, allowing switches and interlock switches to stop the motion, put the machine into safe speed and monitor personnel in the hazardous area during safe speed conditions. The MSR57 can be configured and monitored via Drive Explorer or an HMI device. During configuration, the user can set a variety of parameters to specific requirements for their application including type of input devices, door locking and monitoring, enabling switches and a maintenance (safe speed) mode. One example is that the MSR57 can unlock doors automatically when zero speed is detected.

Safety At Work E-Stop Safety Switches

Pepperl+Fuchs has introduced a new family of emergency stop switches with integrated Safety at Work (SaW) functionality. These intelligent switches are powered by the AS-Interface network and offer fast, error-free installation in field or panel-mount applications. Field and panel-mount models are available in high-intensity, wide-angle illuminated versions, as well as non-illuminated versions, to suit any e-stop application requirement.

Illuminated models are lit with a high-intensity LED to eliminate the need for auxiliary power, while reducing the number of required leads to two. For added flexibility, the LED is not activated by the button but is controlled by a PLC, which allows users to solve even the most unusual applications. Non-illuminate e-stops provide safe operation at a lower price point than illuminated models.

Field-mountable versions eliminate all wiring to save time and eliminate the possibility of incorrectly wiring the e-stop switch and feature an M12 connector that works in conjunction with flat-to-round cable adapters to reduce installation time to less than 60 sec.

A few weeks ago, Ford Motor Co. quietly announced that it was rolling out a new wrinkle to the powerful safety feature called stability control, adding even more lifesaving potential to a technology that has already been very successful.

It won't be too much longer and hardware design, as we used to know it, will be remembered alongside the slide rule and the Karnaugh map. You will need to move beyond those familiar bits and bytes into the new world of software centric design.

People who want to take advantage of solar energy in their homes no longer need to install a bolt-on solar-panel system atop their houses -- they can integrate solar-energy-harvesting shingles directing into an existing or new roof instead.

Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.